Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/67kDJ4h_KsxZaoYlGILG6I318QY.roa
File: 67kDJ4h_KsxZaoYlGILG6I318QY.roa (raw, json)
Hash identifier: 3Yu6n0vdXC0PpIyTwloQcUXkbzJ/bX05jWpcNITpBsI=
Subject key identifier: EB:B9:03:27:88:7F:2A:CC:59:6A:86:25:18:82:C6:E8:8D:F5:F1:06
Certificate issuer: /CN=a4cb50e78a3a31e3375cf2aab865e845ff2e99c1
Certificate serial: 018CC6B7A63CFBCC797F85E47778CFB01049
Authority key identifier: A4:CB:50:E7:8A:3A:31:E3:37:5C:F2:AA:B8:65:E8:45:FF:2E:99:C1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/67kDJ4h_KsxZaoYlGILG6I318QY.roa
Signing time: Mon 01 Jan 2024 20:29:33 +0000
ROA not before: Mon 01 Jan 2024 20:29:33 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 5394
IP address blocks: 81.29.184.0/21 maxlen: 21
81.29.180.0/22 maxlen: 22
194.183.0.0/19 maxlen: 19
77.39.224.0/20 maxlen: 20
77.39.224.0/19 maxlen: 19
194.183.16.0/24 maxlen: 24
77.39.240.0/20 maxlen: 20
77.39.160.0/19 maxlen: 19
77.39.160.0/20 maxlen: 20
77.39.176.0/20 maxlen: 20
195.250.224.0/19 maxlen: 19
195.250.224.0/24 maxlen: 24
195.250.232.0/24 maxlen: 24
217.72.96.0/20 maxlen: 20
195.94.152.0/24 maxlen: 24
195.94.160.0/24 maxlen: 24
195.94.128.0/18 maxlen: 18
194.79.208.0/20 maxlen: 20
194.79.207.0/24 maxlen: 24
213.233.27.0/24 maxlen: 24
213.233.32.0/19 maxlen: 19
213.233.36.0/24 maxlen: 24
194.79.192.0/20 maxlen: 20
194.79.192.0/19 maxlen: 19
213.233.0.0/19 maxlen: 19
213.233.0.0/18 maxlen: 18
82.145.112.0/20 maxlen: 24
2a02:688::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/pMtQ54o6MeM3XPKquGXoRf8umcE.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/pMtQ54o6MeM3XPKquGXoRf8umcE.mft
rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 03 Jun 2024 01:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c6:b7:a6:3c:fb:cc:79:7f:85:e4:77:78:cf:b0:10:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a4cb50e78a3a31e3375cf2aab865e845ff2e99c1
Validity
Not Before: Jan 1 20:29:33 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=ebb90327887f2acc596a86251882c6e88df5f106
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:ab:91:f4:d4:4f:46:8b:40:e1:25:28:50:de:
39:9d:00:a3:d1:98:34:0c:f4:30:31:06:69:65:81:
d4:a1:e7:a0:43:cc:a7:46:8d:fd:b3:92:bf:85:f7:
75:7f:84:43:c9:38:5b:8d:c8:6e:c0:39:59:92:2a:
3c:ff:80:68:a9:c1:26:86:f7:6f:01:d0:3e:35:89:
8f:de:74:54:40:08:26:a8:01:60:07:72:fa:ba:db:
25:d2:1f:64:3b:d3:71:8f:b8:93:78:98:55:49:76:
28:16:a0:ce:33:c0:0e:4a:b3:ef:fa:ed:f3:05:45:
1a:68:c3:34:32:88:ef:bc:b3:a6:eb:54:a1:50:4f:
b2:04:a2:e4:01:eb:c2:07:a9:06:de:0c:d7:d7:88:
97:ca:9f:75:c6:92:b2:14:a1:00:e0:da:c4:57:64:
d1:7d:e6:ff:8d:df:36:60:a5:fc:89:9d:ba:06:43:
cb:18:b2:f1:bc:db:ec:ee:e9:f1:6b:58:25:61:49:
c1:75:94:32:42:1d:db:f7:a1:87:b2:15:a2:0f:6e:
00:76:5c:0b:8d:a6:61:18:2f:b1:f6:7c:2d:e0:7d:
1e:53:84:7e:9f:f5:0c:0e:96:44:bf:cf:c4:df:4f:
b2:e8:22:39:5c:a9:76:5e:4a:ed:f6:09:05:b9:35:
18:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B9:03:27:88:7F:2A:CC:59:6A:86:25:18:82:C6:E8:8D:F5:F1:06
X509v3 Authority Key Identifier:
keyid:A4:CB:50:E7:8A:3A:31:E3:37:5C:F2:AA:B8:65:E8:45:FF:2E:99:C1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pMtQ54o6MeM3XPKquGXoRf8umcE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/67kDJ4h_KsxZaoYlGILG6I318QY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/b1f2e0-8a60-4c8a-90dc-4be794d6406d/1/pMtQ54o6MeM3XPKquGXoRf8umcE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.39.160.0/19
77.39.224.0/19
81.29.180.0-81.29.191.255
82.145.112.0/20
194.79.192.0/19
194.183.0.0/19
195.94.128.0/18
195.250.224.0/19
213.233.0.0/18
217.72.96.0/20
IPv6:
2a02:688::/32
Signature Algorithm: sha256WithRSAEncryption
6e:80:9b:b4:bf:83:51:17:95:bb:18:2f:3b:df:ed:e9:31:1b:
fe:24:a5:c4:64:d9:4a:7e:f7:7f:f5:51:91:f0:db:a2:00:82:
a6:38:18:9b:ff:36:04:0d:69:20:ad:27:2b:89:bf:1f:74:9e:
eb:94:b8:52:06:77:22:c5:4d:9b:cb:2b:93:35:3a:ed:e4:68:
58:3d:3b:27:cf:22:ed:25:99:c2:45:71:af:de:2b:a7:a1:d9:
a7:6c:4d:f1:6e:7f:f6:bd:ad:96:ba:cd:4a:b7:33:50:dc:7c:
72:64:7c:ed:24:0d:70:44:bc:53:38:de:29:ef:c1:1f:57:45:
36:eb:d3:41:26:28:92:7f:56:07:eb:64:f3:c2:b2:bd:a5:2d:
29:e1:e0:75:6c:f8:ad:0e:f8:e4:3a:2d:5a:bc:db:54:cd:6b:
03:69:81:c9:c1:79:e3:a8:31:6c:23:9e:3b:61:00:b9:2b:a9:
91:75:66:91:71:a7:c5:19:05:84:16:07:78:b3:61:e5:1a:99:
2d:63:08:14:2c:3e:66:5c:0a:a0:dd:bc:43:ad:d4:67:e2:7a:
fb:92:ce:26:47:cb:7e:cf:67:43:1d:54:c8:28:c1:14:cd:2a:
69:44:5b:0b:10:a3:8b:b6:85:f4:6a:b0:90:de:a1:f7:b8:4e:
fd:c5:16:95
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAYzGt6Y8+8x5f4Xkd3jPsBBJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0Y2I1MGU3OGEzYTMxZTMzNzVjZjJhYWI4NjVlODQ1ZmYy
ZTk5YzEwHhcNMjQwMTAxMjAyOTMzWhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmI5MDMyNzg4N2YyYWNjNTk2YTg2MjUxODgyYzZlODhkZjVmMTA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6uR9NRPRotA4SUoUN45nQCj0Zg0
DPQwMQZpZYHUoeegQ8ynRo39s5K/hfd1f4RDyThbjchuwDlZkio8/4BoqcEmhvdv
AdA+NYmP3nRUQAgmqAFgB3L6utsl0h9kO9Nxj7iTeJhVSXYoFqDOM8AOSrPv+u3z
BUUaaMM0MojvvLOm61ShUE+yBKLkAevCB6kG3gzX14iXyp91xpKyFKEA4NrEV2TR
feb/jd82YKX8iZ26BkPLGLLxvNvs7unxa1glYUnBdZQyQh3b96GHshWiD24AdlwL
jaZhGC+x9nwt4H0eU4R+n/UMDpZEv8/E30+y6CI5XKl2Xkrt9gkFuTUY6wIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFOu5AyeIfyrMWWqGJRiCxuiN9fEGMB8GA1UdIwQY
MBaAFKTLUOeKOjHjN1zyqrhl6EX/LpnBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcE10UTU0bzZNZU0zWFBLcXVHWG9SZjh1bWNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny9iMWYyZTAtOGE2MC00YzhhLTkwZGMt
NGJlNzk0ZDY0MDZkLzEvNjdrREo0aF9Lc3haYW9ZbEdJTEc2STMxOFFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny9iMWYyZTAtOGE2MC00YzhhLTkwZGMtNGJlNzk0ZDY0MDZk
LzEvcE10UTU0bzZNZU0zWFBLcXVHWG9SZjh1bWNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzBKBAIAATBEAwQFTSegAwQF
TSfgMAwDBAJRHbQDBAZRHYADBARSkXADBAXCT8ADBAXCtwADBAbDXoADBAXD+uAD
BAbV6QADBATZSGAwDQQCAAIwBwMFACoCBogwDQYJKoZIhvcNAQELBQADggEBAG6A
m7S/g1EXlbsYLzvf7ekxG/4kpcRk2Up+93/1UZHw26IAgqY4GJv/NgQNaSCtJyuJ
vx90nuuUuFIGdyLFTZvLK5M1Ou3kaFg9OyfPIu0lmcJFca/eK6eh2adsTfFuf/a9
rZa6zUq3M1DcfHJkfO0kDXBEvFM43invwR9XRTbr00EmKJJ/VgfrZPPCsr2lLSnh
4HVs+K0O+OQ6LVq821TNawNpgcnBeeOoMWwjnjthALkrqZF1ZpFxp8UZBYQWB3iz
YeUamS1jCBQsPmZcCqDdvEOt1GfievuSziZHy37PZ0MdVMgowRTNKmlEWwsQo4u2
hfRqsJDeofe4Tv3FFpU=
-----END CERTIFICATE-----
Generated at Sun Jun 2 05:18:55 2024 by rpki-client on console-fra.rpki-client.org